app-emulation/qemu: Sync with Gentoo's latest stable

sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/Manifest

@@ -1,2 +1 @@
-DIST qemu-3.1.0-patches-r1.tar.xz 2292 BLAKE2B 0861dcf2eebd7f1f6dd495035fc39a14e44eb8e437127b22105ea2374e5068613c4c3f41227e97e0093062f9448ded2d956dc6c40ae6c64c7258c3dcf87c59c3 SHA512 6eca3f4ec6e62c7a24af15405147d266f8fb77462eb8797da8d7f9e40805160d9431478428baece5b5744fc1edecff988b44c512ae1fbf8f2cc3632ea14962cc
-DIST qemu-3.1.0.tar.xz 36070104 BLAKE2B 9ed7d1b3256d84f2b73d61763e20f5e4bc5b47d56e4e0d56cf4c29cd25669457b0f08e90d7255589c9666400bb310df3dba3b9290232cad18057b20f08013a3b SHA512 7e8dae823937cfac2f0c60406bd3bdcb89df40313dab2a4bed327d5198f7fcc68ac8b31e44692caa09299cc71256ee0b8c17e4f49f78ada8043d424f5daf82fe
+DIST qemu-4.0.0.tar.xz 55628624 BLAKE2B 8afd1f54aa13d2e61fd36c4f4544b7c4ffb1a7eee5c69d3aa1d40a432ca296ad8abe6cb83d7c66ac4045ca624d2a00e737f51e4e62ed46fef9766ef71f43b98b SHA512 952e94194ce9e64c15388c59035cb31fb9f761d30095c2fb9441012b609c18c9976285727b93bf37b95e15675802d73f8e1c4619ebecd23606675bb503646b13

sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/0001-block-fix-vpc-max_table_entries-computation.patch

@@ -1,25 +0,0 @@
-From b737484f814da16b8e9d405219cc1c2e81321d6b Mon Sep 17 00:00:00 2001
-From: Nick Owens <mischief@offblast.org>
-Date: Mon, 28 Nov 2016 13:28:58 -0800
-Subject: [PATCH] block: fix vpc max_table_entries computation
-
----
- block/vpc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/block/vpc.c b/block/vpc.c
-index 43707ed22c..beca222b98 100644
---- a/block/vpc.c
-+++ b/block/vpc.c
-@@ -787,7 +787,7 @@ static int create_dynamic_disk(BlockBackend *blk, uint8_t *buf,
- 
-     /* Write the footer (twice: at the beginning and at the end) */
-     block_size = 0x200000;
--    num_bat_entries = (total_sectors + block_size / 512) / (block_size / 512);
-+    num_bat_entries = total_sectors / (block_size / 512);
- 
-     ret = blk_pwrite(blk, offset, buf, HEADER_SIZE, 0);
-     if (ret < 0) {
--- 
-2.11.0.rc2
-

sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-3.1.0-md-clear-md-no.patch

@@ -0,0 +1,61 @@
+From 0fb766134bd97ead71646e13349f93769e536ed9 Mon Sep 17 00:00:00 2001
+From: Matthias Maier <tamiko@43-1.org>
+Date: Fri, 17 May 2019 02:21:10 -0500
+Subject: [PATCH] Define md-clear bit, expose md-no CPUID
+
+Fixes for CVE-2018-121{26|27|30}, CVE-2019-11091
+
+See related fixes for Ubuntu:
+  https://launchpad.net/ubuntu/+source/qemu/1:3.1+dfsg-2ubuntu3.1
+---
+ target/i386/cpu.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index d6bb57d2..331a364a 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -1076,7 +1076,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
+         .feat_names = {
+             NULL, NULL, "avx512-4vnniw", "avx512-4fmaps",
+             NULL, NULL, NULL, NULL,
+-            NULL, NULL, NULL, NULL,
++            NULL, NULL, "md-clear", NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+@@ -1183,7 +1183,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
+         .type = MSR_FEATURE_WORD,
+         .feat_names = {
+             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
+-            "ssb-no", NULL, NULL, NULL,
++            "ssb-no", "mds-no", NULL, NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+diff --git a/target/i386/cpu.h b/target/i386/cpu.h
+index 83fb5225..d0bab4d7 100644
+--- a/target/i386/cpu.h
++++ b/target/i386/cpu.h
+@@ -694,6 +694,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
+ 
+ #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
+ #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
++#define CPUID_7_0_EDX_MD_CLEAR      (1U << 10) /* Microarchitectural Data Clear */
+ #define CPUID_7_0_EDX_SPEC_CTRL     (1U << 26) /* Speculation Control */
+ #define CPUID_7_0_EDX_ARCH_CAPABILITIES (1U << 29)  /*Arch Capabilities*/
+ #define CPUID_7_0_EDX_SPEC_CTRL_SSBD  (1U << 31) /* Speculative Store Bypass Disable */
+diff --git a/target/i386/hvf/x86_cpuid.c b/target/i386/hvf/x86_cpuid.c
+index 4d957fe8..b453552f 100644
+--- a/target/i386/hvf/x86_cpuid.c
++++ b/target/i386/hvf/x86_cpuid.c
+@@ -90,7 +90,8 @@ uint32_t hvf_get_supported_cpuid(uint32_t func, uint32_t idx,
+             }
+ 
+             ecx &= CPUID_7_0_ECX_AVX512BMI | CPUID_7_0_ECX_AVX512_VPOPCNTDQ;
+-            edx &= CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS;
++            edx &= CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS | \
++                   CPUID_7_0_EDX_MD_CLEAR;
+         } else {
+             ebx = 0;
+             ecx = 0;

sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-4.0.0-mkdir_systemtap.patch

@@ -0,0 +1,12 @@
+diff --git a/Makefile b/Makefile
+index 04a0d450..e0013a59 100644
+--- a/Makefile
++++ b/Makefile
+@@ -760,6 +760,7 @@ ifneq ($(TOOLS),)
+ 	$(INSTALL_DATA) qemu-nbd.8 "$(DESTDIR)$(mandir)/man8"
+ endif
+ ifdef CONFIG_TRACE_SYSTEMTAP
++	mkdir -p $(DESTDIR)$(bindir)
+ 	$(INSTALL_DATA) scripts/qemu-trace-stap.1 "$(DESTDIR)$(mandir)/man1"
+ endif
+ ifneq (,$(findstring qemu-ga,$(TOOLS)))

sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/files/qemu-4.0.0-sanitize-interp_info.patch

@@ -0,0 +1,32 @@
+linux-user: Sanitize interp_info and, for mips
+
+Sanitize interp_info structure in load_elf_binary() and, for mips only,
+init its field fp_abi. This fixes appearances of "Unexpected FPU mode"
+message in some MIPS use cases.
+
+Signed-off-by: Daniel Santos <address@hidden>
+Signed-off-by: Aleksandar Markovic <address@hidden>
+---
+ linux-user/elfload.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/linux-user/elfload.c b/linux-user/elfload.c
+index c1a2602..7f09d57 100644
+--- a/linux-user/elfload.c
++++ b/linux-user/elfload.c
+@@ -2698,6 +2698,11 @@ int load_elf_binary(struct linux_binprm *bprm, struct image_info *info)
+     char *elf_interpreter = NULL;
+     char *scratch;
+ 
++    memset(&interp_info, 0, sizeof(interp_info));
++#ifdef TARGET_MIPS
++    interp_info.fp_abi = MIPS_ABI_FP_UNKNOWN;
++#endif
++
+     info->start_mmap = (abi_ulong)ELF_START_MMAP;
+ 
+     load_elf_image(bprm->filename, bprm->fd, info,
+-- 
+2.7.4
+
+

sdk_container/src/third_party/coreos-overlay/app-emulation/qemu/qemu-4.0.0-r3.ebuild

@@ -10,8 +10,8 @@ PLOCALES="bg de_DE fr_FR hu it tr zh_CN"
 
 FIRMWARE_ABI_VERSION="2.11.1-r50"
 
-inherit eutils flag-o-matic linux-info toolchain-funcs multilib python-r1 \
-	user udev fcaps readme.gentoo-r1 pax-utils l10n
+inherit eutils linux-info toolchain-funcs multilib python-r1 \
+	user udev fcaps readme.gentoo-r1 pax-utils l10n xdg-utils
 
 if [[ ${PV} = *9999* ]]; then
 	EGIT_REPO_URI="git://git.qemu.org/qemu.git"
@@ -19,10 +19,7 @@ if [[ ${PV} = *9999* ]]; then
 	SRC_URI=""
 else
 	SRC_URI="http://wiki.qemu-project.org/download/${P}.tar.xz"
-	KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd"
-
-	# Gentoo specific patchsets:
-	SRC_URI+=" https://dev.gentoo.org/~tamiko/distfiles/${P}-patches-r1.tar.xz"
+	KEYWORDS="amd64 ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd"
 fi
 
 DESCRIPTION="QEMU + Kernel-based Virtual Machine userland tools"
@@ -30,15 +27,13 @@ HOMEPAGE="http://www.qemu.org http://www.linux-kvm.org"
 
 LICENSE="GPL-2 LGPL-2 BSD-2"
 SLOT="0"
-IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug
+IUSE="accessibility +aio alsa bzip2 capstone +caps +curl debug +doc
 	+fdt glusterfs gnutls gtk infiniband iscsi +jpeg kernel_linux
-	kernel_FreeBSD lzo ncurses nfs nls numa opengl pin-upstream-blobs +png
+	kernel_FreeBSD lzo ncurses nfs nls numa opengl +pin-upstream-blobs +png
 	pulseaudio python rbd sasl +seccomp sdl selinux smartcard snappy
 	spice ssh static static-user systemtap tci test usb usbredir vde
 	+vhost-net virgl virtfs +vnc vte xattr xen xfs"
 
-RESTRICT=strip
-
 COMMON_TARGETS="aarch64 alpha arm cris hppa i386 m68k microblaze microblazeel
 	mips mips64 mips64el mipsel nios2 or1k ppc ppc64 riscv32 riscv64 s390x
 	sh4 sh4eb sparc sparc64 x86_64 xtensa xtensaeb"
@@ -85,6 +80,7 @@ ALL_DEPEND="
 # softmmu targets (qemu-system-*).
 SOFTMMU_TOOLS_DEPEND="
 	dev-libs/libxml2[static-libs(+)]
+	x11-libs/libxkbcommon[static-libs(+)]
 	>=x11-libs/pixman-0.28.0[static-libs(+)]
 	accessibility? (
 		app-accessibility/brltty[api]
@@ -96,7 +92,7 @@ SOFTMMU_TOOLS_DEPEND="
 	capstone? ( dev-libs/capstone:= )
 	caps? ( sys-libs/libcap-ng[static-libs(+)] )
 	curl? ( >=net-misc/curl-7.15.4[static-libs(+)] )
-	fdt? ( >=sys-apps/dtc-1.4.2[static-libs(+)] )
+	fdt? ( >=sys-apps/dtc-1.5.0[static-libs(+)] )
 	glusterfs? ( >=sys-cluster/glusterfs-3.4.0[static-libs(+)] )
 	gnutls? (
 		dev-libs/nettle:=[static-libs(+)]
@@ -177,6 +173,7 @@ BDEPEND="
 	dev-lang/perl
 	sys-apps/texinfo
 	virtual/pkgconfig
+	doc? ( dev-python/sphinx )
 	gtk? ( nls? ( sys-devel/gettext ) )
 	test? (
 		dev-libs/glib[utils]
@@ -207,10 +204,9 @@ PATCHES=(
 	"${FILESDIR}"/${PN}-2.5.0-cflags.patch
 	"${FILESDIR}"/${PN}-2.5.0-sysmacros.patch
 	"${FILESDIR}"/${PN}-2.11.1-capstone_include_path.patch
-	"${WORKDIR}"/patches
-
-	# COREOS: fix for vpc creation in qemu-img
-	"${FILESDIR}"/0001-block-fix-vpc-max_table_entries-computation.patch
+	"${FILESDIR}"/${P}-sanitize-interp_info.patch
+	"${FILESDIR}"/${PN}-3.1.0-md-clear-md-no.patch
+	"${FILESDIR}"/${PN}-4.0.0-mkdir_systemtap.patch #684902
 )
 
 QA_PREBUILT="
@@ -365,11 +361,6 @@ src_prepare() {
 	check_targets IUSE_SOFTMMU_TARGETS softmmu
 	check_targets IUSE_USER_TARGETS linux-user
 
-	# Alter target makefiles to accept CFLAGS set via flag-o
-	sed -i -r \
-		-e 's/^(C|OP_C|HELPER_C)FLAGS=/\1FLAGS+=/' \
-		Makefile Makefile.target || die
-
 	default
 
 	# Fix ld and objcopy being called directly
@@ -417,7 +408,7 @@ qemu_src_configure() {
 		--host-cc="$(tc-getBUILD_CC)"
 		$(use_enable debug debug-info)
 		$(use_enable debug debug-tcg)
-		--enable-docs
+		$(use_enable doc docs)
 		$(use_enable tci tcg-interpreter)
 		$(use_enable xattr attr)
 	)
@@ -490,7 +481,6 @@ qemu_src_configure() {
 		conf_opts+=(
 			--audio-drv-list="${audio_opts}"
 		)
-		use sdl && conf_opts+=( --with-sdlabi=2.0 )
 	fi
 
 	case ${buildtype} in
@@ -602,7 +592,7 @@ src_test() {
 }
 
 qemu_python_install() {
-	python_domodule "${S}/scripts/qmp/qmp.py"
+	python_domodule "${S}/python/qemu/qmp.py"
 
 	python_doscript "${S}/scripts/kvm/vmxcap"
 	python_doscript "${S}/scripts/qmp/qmp-shell"
@@ -681,10 +671,7 @@ src_install() {
 		emake DESTDIR="${ED}" install
 
 		# This might not exist if the test failed. #512010
-		if [[ -e check-report.html ]]; then
-			docinto html
-			dodoc check-report.html
-		fi
+		[[ -e check-report.html ]] && dohtml check-report.html
 
 		if use kernel_linux; then
 			udev_newrules "${FILESDIR}"/65-kvm.rules-r1 65-kvm.rules
@@ -711,6 +698,9 @@ src_install() {
 	dodoc Changelog MAINTAINERS docs/specs/pci-ids.txt
 	newdoc pc-bios/README README.pc-bios
 
+	# Disallow stripping of prebuilt firmware files.
+	dostrip -x ${QA_PREBUILT}
+
 	if [[ -n ${softmmu_targets} ]]; then
 		# Remove SeaBIOS since we're using the SeaBIOS packaged one
 		rm "${ED}/usr/share/qemu/bios.bin"
@@ -774,6 +764,8 @@ pkg_postinst() {
 		udev_reload
 	fi
 
+	xdg_icon_cache_update
+
 	[[ -f ${EROOT}/usr/libexec/qemu-bridge-helper ]] && \
 		fcaps cap_net_admin /usr/libexec/qemu-bridge-helper
 
@@ -813,3 +805,7 @@ pkg_info() {
 	fi
 	echo "  $(best_version sys-firmware/sgabios)"
 }
+
+pkg_postrm() {
+	xdg_icon_cache_update
+}